Pharma Spam Campaign Uses Interesting Tactic to Avoid Detection

Security researchers at Symantec have detected a new pharmacy spam email campaign which relies on a fascinating technique to avoid detection.

Cyber crooks are employing subject lines with randomized non-English words or characters in the beginning or end.

The spam message encloses a 'Google Translate' link as well as promotional text explaining the advantages of buying medicines online with a discount code for the reader.

On clicking the link, the victim is taken to rogue pharmacy websites.

According to Symantec, the redirection mechanism is pretty complex. On clicking the link, 'Google Translate' is meant to obtain a second address implanted in the link that redirects them to a pharmaceutical website, as accords to news published by symantec.com on July 23, 2013.

Use of 'Google Translate' in this fashion is nothing new. Unlike campaigns prior to this one, that exploit URL shortening services in the second part of the link, the spammers in this case take benefit of country IDN (internationalized domain name) top-level domains (TLDs) particularly Cyrillic.po.ones.

And, while spam mail levels have been plummeting gradually since past year but it is not yet dead. Cybercriminals are always hunting for new ways and techniques to keep themselves ahead of refined spam filters and the utilization of 'Google Translate', as in the above mentioned spam email campaign, is a good example of this, the security firm notes.

Security experts of security firm comment that despite the end of once epic pharmacy spam arising from Canadian Pharmacy, cybercriminals behind such spam email campaigns have not given up their endeavors to hawk their bogus pharmacies and con people into their grey deals which help them (that is, cybercriminals) in getting cash.

On a concluding note, it is worthwhile to know that cyber thugs are taking extreme steps to hide their malicious activities. Security experts advise Internauts that they need to be especially aware and conscious of emailed links and not to click when it is coming in unsolicited emails. This practice on the end of Internauts is required even if good spam filters are activated, the security firm notes.

» SPAMfighter News - 7/29/2013